Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle HTTP Server Out-of-bounds Read Vulnerability (CVE-2018-16890)

Description

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

Remediation

References

Related Vulnerabilities

ATutor Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-2555)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6311)

Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)

WordPress 2.0.5 Cross-Site Scripting Vulnerability (0.6.2 - 2.0.5)

Drupal Core 8.x.x Multiple Cross-Site Scripting Vulnerabilities (8.0.0 - 8.7.14)

Severity

High

Classification

CVE-2018-16890 CWE-125 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities